<HTML> <HEAD> <TITLE>Re: [Freeipa-users] Difficulty installing freeipa</TITLE> </HEAD> <BODY> Yes, I mentioned in the first email I had attempted that. I just ran the uninstall 10 times in a row. Same errors: Configuring directory server: [1/17]: creating directory server user [2/17]: creating directory server instance root : CRITICAL failed to restart ds instance Command '/usr/sbin/setup-ds.pl --silent --logfile - -f /tmp/tmpYwtW2p' returned non-zero exit status 1 [3/17]: adding default schema [4/17]: enabling memberof plugin [5/17]: enabling referential integrity plugin [6/17]: enabling distributed numeric assignment plugin [7/17]: enabling winsync plugin [8/17]: configuring uniqueness plugin [9/17]: creating indices [10/17]: configuring ssl for ds instance [11/17]: configuring certmap.conf [12/17]: restarting directory server [13/17]: adding default layout root : CRITICAL Failed to load bootstrap-template.ldif: Command '/usr/bin/ldapmodify -h 127.0.0.1 -xv -D cn=Directory Manager -y /tmp/tmp0AROuy -f /tmp/tmpPC4048' returned non-zero exit status 32 [14/17]: configuring Posix uid/gid generation as first master [15/17]: adding master entry as first master root : CRITICAL Failed to load master-entry.ldif: Command '/usr/bin/ldapmodify -h 127.0.0.1 -xv -D cn=Directory Manager -y /tmp/tmpwyqeVF -f /tmp/tmp1dDTjN' returned non-zero exit status 32 [16/17]: initializing group membership [17/17]: configuring directory to start on boot done configuring dirsrv. As a test I’ve manually run setup-ds.pl accepting all of the defaults. It works fine and installs successfully, creating the slapd-freeipa (which is the hostname) instance. I then ran remove-ds.pl on the slapd-freeipa instance and re-ran the ipa uninstall. When I attempted to reinstall ipa, it detected an existing ds. I did a locate for dirsrv and found logfiles from an instance called slapd-ARC-NASA-GOV, which should be my default freeipa dirsrv instance. To try to clean this up, I ran setup-ds.pl and chose custom and created a slapd-ARC-NASA-GOV instance, and then immediately removed it with remove-ds.pl. I then re-ran ipa-server-install, which this time did not detect an existing directory server. However, the ipa-server-install again failed in the same location. [2/17]: creating directory server instance root : CRITICAL failed to restart ds instance Command '/usr/sbin/setup-ds.pl --silent --logfile - -f /tmp/tmp77JJv1' returned non-zero exit status 1 And from the log: 2011-06-03 15:12:41,540 DEBUG Configuring directory server: 2011-06-03 15:12:41,541 DEBUG [1/17]: creating directory server user 2011-06-03 15:12:41,541 DEBUG ds user dirsrv exists 2011-06-03 15:12:41,541 DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state' 2011-06-03 15:12:41,541 DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state' 2011-06-03 15:12:41,542 DEBUG [2/17]: creating directory server instance 2011-06-03 15:12:41,567 INFO *** Error: no dirsrv instances configured 2011-06-03 15:12:41,567 INFO 2011-06-03 15:12:41,567 DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state' 2011-06-03 15:12:41,568 DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state' 2011-06-03 15:12:41,568 DEBUG dn: dc=arc,dc=nasa,dc=gov objectClass: top objectClass: domain objectClass: pilotObject dc: arc info: IPA V1.0 2011-06-03 15:12:41,569 DEBUG writing inf template 2011-06-03 15:12:41,570 DEBUG [General] FullMachineName= freeipa.arc.nasa.gov SuiteSpotUserID= dirsrv ServerRoot= /usr/lib64/dirsrv [slapd] ServerPort= 389 ServerIdentifier= ARC-NASA-GOV Suffix= dc=arc,dc=nasa,dc=gov RootDN= cn=Directory Manager InstallLdifFile= /var/lib/dirsrv/boot.ldif 2011-06-03 15:12:41,570 DEBUG calling setup-ds.pl 2011-06-03 15:12:48,633 INFO [11/06/03:15:12:48] - [Setup] Info Could not import LDIF file '/var/lib/dirsrv/boot.ldif'. Error: 59648. Output: importing data ... [03/Jun/2011:15:12:41 -0700] - WARNING: Import is running with nsslapd-db-private-import-mem on; No other process is allowed to access the database [03/Jun/2011:15:12:42 -0700] - check_and_set_import_cache: pagesize: 4096, pages: 997331, procpages: 48998 [03/Jun/2011:15:12:42 -0700] - Import allocates 1595728KB import cache. [03/Jun/2011:15:12:42 -0700] - import userRoot: Beginning import job... [03/Jun/2011:15:12:42 -0700] - import userRoot: Index buffering enabled with bucket size 100 [03/Jun/2011:15:12:42 -0700] - import userRoot: Could not open LDIF file "/var/lib/dirsrv/boot.ldif", errno 13 (Permission denied) [03/Jun/2011:15:12:42 -0700] - import userRoot: Aborting all Import threads... [03/Jun/2011:15:12:48 -0700] - import userRoot: Import threads aborted. [03/Jun/2011:15:12:48 -0700] - import userRoot: Closing files... /var/lib/dirsrv/slapd-ARC-NASA-GOV/db/userRoot: No such file or directory [03/Jun/2011:15:12:48 -0700] - All database threads now stopped [03/Jun/2011:15:12:48 -0700] - import userRoot: Import failed. Could not import LDIF file '/var/lib/dirsrv/boot.ldif'. Error: 59648. Output: importing data ... [03/Jun/2011:15:12:41 -0700] - WARNING: Import is running with nsslapd-db-private-import-mem on; No other process is allowed to access the database [03/Jun/2011:15:12:42 -0700] - check_and_set_import_cache: pagesize: 4096, pages: 997331, procpages: 48998 [03/Jun/2011:15:12:42 -0700] - Import allocates 1595728KB import cache. [03/Jun/2011:15:12:42 -0700] - import userRoot: Beginning import job... [03/Jun/2011:15:12:42 -0700] - import userRoot: Index buffering enabled with bucket size 100 [03/Jun/2011:15:12:42 -0700] - import userRoot: Could not open LDIF file "/var/lib/dirsrv/boot.ldif", errno 13 (Permission denied) [03/Jun/2011:15:12:42 -0700] - import userRoot: Aborting all Import threads... [03/Jun/2011:15:12:48 -0700] - import userRoot: Import threads aborted. [03/Jun/2011:15:12:48 -0700] - import userRoot: Closing files... /var/lib/dirsrv/slapd-ARC-NASA-GOV/db/userRoot: No such file or directory [03/Jun/2011:15:12:48 -0700] - All database threads now stopped [03/Jun/2011:15:12:48 -0700] - import userRoot: Import failed. [11/06/03:15:12:48] - [Setup] Fatal Error: Could not create directory server instance 'ARC-NASA-GOV'. Error: Could not create directory server instance 'ARC-NASA-GOV'. [11/06/03:15:12:48] - [Setup] Fatal Exiting . . . -Brian On 6/3/11 2:53 PM, "Dmitri Pal" <<a href="dpal@redhat.com">dpal@redhat.com</a>> wrote: <BLOCKQUOTE> On 06/03/2011 05:38 PM, Stamper, Brian P. (ARC-D)[Logyx LLC] wrote: <BLOCKQUOTE> Re: [Freeipa-users] Difficulty installing freeipa I’ve given up on freeipa v2 due to lack of compatibility with hosts I manage. This is all on freeipa v1. The server started as Fedora 13, and I upgraded to Fedora 14 in an attempt to fix the problems. [root@freeipa ~]# uname -r 2.6.35.13-91.fc14.x86_64 [root@freeipa ~]# rpm -qa 'ipa*' ipa-client-1.2.2-6.fc14.x86_64 ipa-server-selinux-1.2.2-6.fc14.x86_64 ipa-python-1.2.2-6.fc14.x86_64 ipa-admintools-1.2.2-6.fc14.x86_64 ipa-server-1.2.2-6.fc14.x86_64 [root@freeipa ~]# I’m not doing anything special at this point. I’m not even trying to get clients added. I’m trying to do a basic install of ipa-server, with no extra arguments. That claimed to succeed but wouldn’t work, I tried to fix it, uninstalled, any attempts to reinstall failed. So right now I’m simply trying to get the ipa service back to any kind of functioning status without re-installing the OS. </BLOCKQUOTE> Ah this is all old 1.2 IPA. Have you tried ipa-server-install --uninstall Might require several attempts until all the errors are cleared. <BLOCKQUOTE> -Brian On 6/3/11 2:30 PM, "Dmitri Pal" <<a href="dpal@redhat.com">dpal@redhat.com</a>> wrote: <BLOCKQUOTE> <BLOCKQUOTE> </BLOCKQUOTE> Is it all on F13? The IPA v2 can't be built on F13 as there are many dependencies missing that we rely on. There are two many parts this is why we had to move to the later versions of F15. We just did not have any options. So the server you built might in fact be completely broken. I do not know how to fix it. It looks like you have some instances of the DS left over in a misconfigured state. You can try running ipa-server-install --uninstall 4-5 times. That might clear things a bit. But let us get back to the original problem. Freeipa can be used with the LDAP+Kerberos configuration on the clients. You do not need to have latest and greatest. There was a nice article referenced in some of the earlier threads on the list: <a href="http://www.aput.net/~jheiss/krbldap/howto.html">http://www.aput.net/~jheiss/krbldap/howto.html</a> <<a href="http://www.aput.net/%7Ejheiss/krbldap/howto.html">http://www.aput.net/%7Ejheiss/krbldap/howto.html</a>> <<a href="http://www.aput.net/%7Ejheiss/krbldap/howto.html">http://www.aput.net/%7Ejheiss/krbldap/howto.html</a>> You can configure very old clients to use IPA as NIS server. Let us know how else we can help. Thanks Dmitri <BLOCKQUOTE> -Brian _______________________________________________ Freeipa-users mailing list <a href="Freeipa-users@redhat.com">Freeipa-users@redhat.com</a> <a href="https://www.redhat.com/mailman/listinfo/freeipa-users">https://www.redhat.com/mailman/listinfo/freeipa-users</a> </BLOCKQUOTE> </BLOCKQUOTE> _______________________________________________ Freeipa-users mailing list <a href="Freeipa-users@redhat.com">Freeipa-users@redhat.com</a> <a href="https://www.redhat.com/mailman/listinfo/freeipa-users">https://www.redhat.com/mailman/listinfo/freeipa-users</a> </BLOCKQUOTE> </BLOCKQUOTE> </BODY> </HTML>